Forum Discussion

Vishnu2212's avatar
Vishnu2212
Icon for Nimbostratus rankNimbostratus
May 28, 2021

iRule for SameSite Strict attribute

Hi Folks,

I need iRule for setting the samesite = strict attribute and call it in virtual server. I have tried available article but it is not working. SameSite is reflecting as None from the browser developer tool.

 

Here is my iRule.

 

when HTTP_RESPONSE_RELEASE {

 

set samesite_security "strict"

 

 

set cookie_names [HTTP::cookie names]

 

foreach a_cookie $cookie_names {

# Remove any prior instances of SameSite attributes

HTTP::cookie attribute $a_cookie remove {samesite} 

# Insert a new SameSite attribute

HTTP::cookie attribute $a_cookie insert {samesite} $samesite_security

 

}

if {$cookie_debug}{log local0. "[IP::client_addr]:[TCP::client_port]: Set-Cookie header values: [HTTP::header values {Set-Cookie}]"}

}

 

 

 

1 Reply

  • Have you checked this article as it mentons a bug:

     

     

    https://support.f5.com/csp/article/K14225515

     

     

     

    Also search the bugtracker for bugs for samesite :

     

     

    https://support.f5.com/csp/bug-tracker?sf189923893=1